
ESET: A large group of hackers uses Instagram to spy on its targets

Jun 12, 2017

The group used watering hole tactics to abuse a Firefox browser add-on and Instagram.
ESET pointed out that the group's latest watering hole tactics include the abuse of a Firefox browser add-on and of Instagram.

The company, which specializes in information security, said that the Turla espionage group, which has been targeting government sites and diplomatic officials since at least 2007, has added a new method of attack to its arsenal of malware.

As usual, Turla relies on watering hole attacks: it compromises sites visited by targeted users in order to redirect them to its command and control infrastructure.

During the recent cyber attacks, researchers at ESET monitored a crash in a previously installed Firefox add-on. Unlike its previous versions, the add-on uses the bit.ly URL-shortening service to reach its command and control systems.

However, the bit.ly URL is not stored in the Firefox add-on itself; it is obtained from comments posted on specific Instagram posts. The example analyzed was the Instagram account of the famous singer Britney Spears.

To obtain the bit.ly URL, the extension reviews the comments published on each image and calculates a hash value for each comment. If the hash matches a specified number, the extension runs a regular expression on the comment to get the URL.

“Turla's use of social networking to obtain command and control addresses is complicating matters for security providers,” said Jean-Ian Boutin, senior malware researcher at ESET. “These tactics increase the difficulty of distinguishing malicious traffic from the legitimate flow of data on social media. An attacker can easily modify or erase command and control systems, because the information needed to obtain the URL for command and control systems is a comment posted on social media.”

To avoid falling victim to watering hole attacks, ESET researchers recommend keeping browsers and add-ons continuously updated. Another measure is to avoid downloading or installing any extensions or add-ons from illegitimate sources or sites.